Re: Solid App Authorization from Kingsley Idehen on 2019-07-31 (public-solid@w3.org from July 2019)

From: Kingsley Idehen <kidehen@openlinksw.com>
Date: Wed, 31 Jul 2019 16:54:34 -0400
To: public-solid@w3.org
Message-ID: <fff672b6-429d-33c8-21ec-243ac95d5d79@openlinksw.com>

On 7/31/19 2:56 AM, Alexandre Bourlier wrote:
> Hi Michael,
>
> As far as I know, WebID-TLS is not going to happen by lack of browser
> support for the standard.
>
> I believe WebID-OIDC is the recommended way to authenticate an app to
> a POD. At least, that is how we do it at Startin'blox 😉
>
> I do not know what DID is though.
>
> I hope this helps


Hi Alexandre,

Solid is not a WebID-TLS vs WebID-OIDC regarding Authentication protocols.

Confusion arises because you can deploy a Node.js Solid Server (NSS) in
two modes:

1. WebID-TLS only -- this is limited by general confusion about TLS and
Browsers (a looong story, I can't revisit yet again).

2. WebID-OIDC + WebID-TLS Bridge -- broad use by everyone right now that
uses Solid

3. WebID-OIDC only -- this doesn't exist

My biggest fear is that misunderstanding regarding #2 will create #3 and
that will basically be #1, but from a different perspective.

Thus, if we veer away from this WebID-TLS vs WebID-OIDC misconception we
prevent the emergence of #3.

The WebID-OIDC + WebID-TLS Bridge enables your application support WebID
authentication using either protocol. It is "horse for courses"
compliant which is consistent with the underlying design of the Web's
technology stack.

I hope this helps as we don't ever want #3, and #1 is already fading away .


Kingsley

>
>
> On Wed, Jul 31, 2019, 00:06 Michael Pigott
> <mpigott@ironhorsesoftware.com <mailto:mpigott@ironhorsesoftware.com>>
> wrote:
>
>     Hello Solid WC!
>         I have been working on https://solid.vip today, which is a
>     project to build a user profile by combining public information
>     from existing social media accounts (LinkedIn, GitHub, Twitter,
>     Facebook, and Google) and putting the information on a single-page
>     profile.  My own user profile looks like
>     this: http://mpigott.solid.vip/.
>         The next feature I would like to add is to allow the user to
>     import the data into a Solid POD.  However, I am not sure what the
>     preferred way to authenticate an application is; it seems like
>     much of the Solid platform is still in flux.  Is there a
>     recommended spec I should follow (WebID-TLS, WebID-OIDC, DID) in
>     order to allow someone with a Solid POD to import the data from
>     the generated profile?
>
>     Thanks!
>     Mike
>         
>

-- 
Regards,

Kingsley Idehen       
Founder & CEO 
OpenLink Software   
Home Page: http://www.openlinksw.com
Community Support: https://community.openlinksw.com
Weblogs (Blogs):
Company Blog: https://medium.com/openlink-software-blog
Virtuoso Blog: https://medium.com/virtuoso-blog
Data Access Drivers Blog: https://medium.com/openlink-odbc-jdbc-ado-net-data-access-drivers

Personal Weblogs (Blogs):
Medium Blog: https://medium.com/@kidehen
Legacy Blogs: http://www.openlinksw.com/blog/~kidehen/
              http://kidehen.blogspot.com

Profile Pages:
Pinterest: https://www.pinterest.com/kidehen/
Quora: https://www.quora.com/profile/Kingsley-Uyi-Idehen
Twitter: https://twitter.com/kidehen
Google+: https://plus.google.com/+KingsleyIdehen/about
LinkedIn: http://www.linkedin.com/in/kidehen

Web Identities (WebID):
Personal: http://kingsley.idehen.net/public_home/kidehen/profile.ttl#i
        : http://id.myopenlink.net/DAV/home/KingsleyUyiIdehen/Public/kingsley.ttl#this

Attachments

application/pkcs7-signature attachment: S/MIME Cryptographic Signature

Received on Wednesday, 31 July 2019 20:55:01 UTC